package com.example.springjpa.controller;


import cn.stylefeng.roses.core.base.controller.BaseController;
import com.example.springjpa.pojo.User;
import com.example.springjpa.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.servlet.ModelAndView;

import java.util.List;

@Controller
public class HelloController extends BaseController {

    @Autowired
    private UserService userService;

    @GetMapping("notLogin")
    public ModelAndView notLogin(){
        return new ModelAndView("login");
    }
    @GetMapping("notRole")
    public ModelAndView notRole(){
        return new ModelAndView("norelo");
    }

    @GetMapping("login")
    public ModelAndView login(String username, String password){
        ModelAndView modelAndView = new ModelAndView("index");
        //从 securityUtils 里面创建出一个用户
        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken token = new UsernamePasswordToken(username,password);

        subject.login(token);


        List<User> user = userService.findByName(username);
        String roleid = user.get(0).getRole();
        if(roleid.contains("user")){
            modelAndView.addObject("message","欢迎登录");
            return modelAndView;
        }
        if(roleid.contains("admin")){
            modelAndView.addObject("message","管理员");
            return modelAndView;
        }
        modelAndView.addObject("message","没有权限了");
        return modelAndView;
    }



}
